Combatting Cybersecurity Tool Fatigue

Are you suffering from cybersecurity tool fatigue? Are your IT and security teams saddled with multiple unmanageable tools, intelligence feeds, and procedures—usually with a significant amount of overlap—that need continual updating to adapt to today’s ever-changing IT and cybersecurity architectures?

Tool fatigue is a result of the security industry’s aimless growth over the last 20 years. For too long, security professionals didn’t fully understand the various cyberattacks and how to mitigate them at the source. Instead, the industry concentrated its efforts on creating point solutions—from antimalware and firewalls to intrusion prevention/detection (IDS/IPS) and web application firewalls (WAF)—to prevent threats from penetrating a network or device.

Cybersecurity experts are not immune to the shiny object syndrome—Squirrel!

Over time, companies succumbed to the “shiny object” syndrome, believing every new tool or release was the silver bullet that could wipe out all cyberthreats. Most companies pinned a great deal of hope on new technologies they acquired, but very few of them learned how to operate, integrate, and optimize those technologies for their business needs—reducing the value they might have provided.

Those who did built teams comprising multiple experts—from antimalware and firewall experts to intrusion detection/prevention (IDS/IPS) and web application firewall (WAF) experts, among others. But these experts rarely worked together—as they were highly focused on their own piece of the puzzle—and the cost of hiring and retaining them was unsustainable for most organizations.

In the worst cases, companies just didn’t do anything. They bought and deployed the technology but didn’t maintain it. Security technology must be continuously updated to be effective; if it isn’t, it quickly begins to lag and becomes outdated and therefore obsolete in the face of the latest cyberthreats.

Why does tool fatigue happen?

There are too many point solutions — With roughly 1,600 vendors in the space, how do you make sense of all the options? Do you even know where to start? Considering the current cybersecurity talent shortage, there’s a good chance you don’t. Many vendors provide similar solutions—with nuances—and inundate CISOs with their offerings. As a result, security executives spend an excessive amount of time sorting through their options and trying to determine which products are best for their organization.

People don’t want to master the skills needed to maximize a security solution — Because of the talent shortage, most organizations lack staff with the required foundation to run even the rudimentary functions of a complex security solution. As a result, the “shiny object” sits idle or operates at a fraction of its capability. Eventually, a new tool arrives and is purchased, but the buyer doesn’t invest the time or money to train their staff to understand and operate it to its potential. As before, they get bored and start looking for the next best thing, and the cycle of buying and retiring tools continues.

The effect on compliance

Not only does tool fatigue aggravate an already complex security problem, it has a serious impact on the ability of compliance professionals to properly audit and report on their cybersecurity efforts.

You may want a quick and convenient solution, but ultimately meeting compliance mandates from HIPAA, PCI, GDPR, etc. is achieved in just one way: securing your IT environments and the data contained within. You must create a security program that addresses how your organization handles sensitive personal data, in all cases. That means addressing the relevant risks with the right strategies and controls.

This probably doesn’t sound fun and, I’ll be honest, getting compliant can be tough. But there’s good news: When you build the right security program from the beginning, instead of chasing the newest silver bullet, the long-term benefits outweigh the growing pains. You’ll discover a wealth of opportunities for improvement and end up with a stronger, higher-performing security infrastructure.

Cybersecurity tools are essential in protecting organizations from cybercriminals. However, there are so many tools on the market that it’s practically a full-time job to assess, compare, and select the best options for your organization. Once a solution has been selected and implemented, you will meet many of the regulatory requirements by putting in place well-written policies and procedures and proving implementation of the security solution. Going forward, it becomes essential that you have trained and qualified personnel to maintain compliance. Armor Partner, BEYOND LLC, specializes in assessing security programs, identifying potential weaknesses, recommending solutions, and helping its clients obtain security certification.

Why risk assessment and planning are crucial

The most direct road to securing your network and data starts with performing a thorough risk assessment and planning the implementation of a security solution. Because resources are typically limited, the planning stage is when you narrow your focus and direct your efforts and resources to defend against threats that have a high likelihood of affecting your business.

How do you get started? This is where having a third-party vendor experienced in conducting thorough risk assessments is valuable. A team with the right experience will not only offer much-needed objectivity to the risk assessment process but also help you ask the right questions.

You must uncover exactly who is accessing data, where they are accessing it, and how they are accessing it: Are mobile devices and external hard drives properly secured? You’ll also need to classify your servers (Do they contain personal data?), and determine which irregularities employees have used to get the job done.

Use the results of your risk assessment to identify the security controls needed to mitigate risk to an acceptable level. Organizations have different needs and capabilities, and security is not one-size-fits-all. To implement the best security program for your environment and avoid hefty, potentially business-ending fines during uncertain regulatory times, organizations should apply a security-first mindset and avoid jumping at shiny objects at all costs.

How to defeat cybersecurity tool fatigue

While no single cybersecurity product can ever be a silver bullet, that doesn’t mean a silver bullet solution for your organization doesn’t exist. By consolidating your existing best-of-breed IT security tools and making them work cohesively, you can strengthen your organization’s security posture, and that’s your silver bullet. Because of the above-mentioned talent shortage, building such an ecosystem within your IT department is, unfortunately, highly unlikely.

Ideally, that solution would be dynamic, nimble, and DevOps-integrated. That means it would be suitable for imminent, large-scale changes—such as cloud migrations—and easily adaptable to any unforeseeable changes within the technology industry.

With a security-first mindset, you don’t have to deal with large operational burdens, managing and maintaining loads of security professionals, and, at the same time, hitting your bottom line. Instead, you can simply focus on your core business and increasing revenue.

Wayne Reynolds | Head of Security

Head of Security, Wayne Reynolds, manages the cyber and physical security operations at Armor. This unique, dual responsibility extends beyond the typical approach many cloud providers take in securing their own operations while leaving customers to fend for themselves. Key to establishing the strategic and operational vision at Armor, Wayne oversees the execution of Security Incident Management, Security Infrastructure, Vulnerability Threat Management, Threat Intelligence, Corporate Security, and Physical Security within both Armor’s corporate and customer environments. He leads Armor's Friendly Network Forces, a one-of-a-kind internal penetration testing organization designed to validate the company’s own security measures and evaluate risk from new or unforeseen threats. Prior to Armor, Wayne served in the U.S. Marine Corps for nearly 20 years where he led the Tactical Information Technology and Avionics Departments. In his civilian career, he has led organizations for a wide range of businesses including Conde Nast Publication, Copart Auto Auctions, Aerojet-Rocketdyne, Citi Group, and GameStop.


Nancy Free

Chief Compliance and Data Privacy Officer

Nancy Free, Armor's Chief Compliance and Data Privacy Officer, has over 20 years of IT experience, including IT governance, risk, compliance, and audit. She has spent over 15 years in the IT Security field leading IT and compliance teams in a variety of industries, including: energy, transportation, construction, mortgage lending, healthcare, and retail.
